<?php

declare(strict_types=1);

namespace app\middleware;

class AllowCrossDomain
{
    public function handle($request, \Closure $next)
    {
        header('Access-Control-Allow-Origin: *');
        header('Access-Control-Allow-Headers: *');
        header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS');
        header('Access-Control-Allow-Credentials: true');
        header('Access-Control-Max-Age: 1728000');
        header('Content-Type: application/json; charset=utf-8');

        if ($request->method(true) == 'OPTIONS') {
            return response()->code(204);
        }

        return $next($request);
    }
}
